
What is “HackTool:Win32/KeyGen.VI!MTB”?


HackTool:Win32/KeyGen.VI!MTB is considered dangerous by many security experts. When this infection is active, you may notice unwanted processes in the Task Manager list. In this case, it is advised to scan your computer with GridinSoft Anti-Malware.


Removing PC viruses manually may take hours and may damage your PC in the process. We recommend using GridinSoft Anti-Malware for virus removal. It allows you to complete a scan and cure your PC during the trial period.
6-day free trial available.

What can the HackTool:Win32/KeyGen.VI!MTB virus do?

  • SetUnhandledExceptionFilter detected (possible anti-debug)
  • Yara rule detections observed from a process memory dump/dropped files/CAPE
  • Dynamic (imported) function loading detected
  • The binary likely contains encrypted or compressed data.
  • Authenticode signature is invalid

How to identify HackTool:Win32/KeyGen.VI!MTB?


File Info:

name: 0BAA342F24A6D243097F.mlw
path: /opt/CAPEv2/storage/binaries/9a4627bfcdb6ab3ee61e0d4336a24961da9d0ee63a50bde65cd6964a4689b007
type: PE32 executable (GUI) Intel 80386, for MS Windows
timestamp: 2018-04-07 02:35:52

Version Info:

CompanyName: Dumpster™ Inc.
FileDescription: HWID/KMS38™ Tool by Dumpster Inc.
FileVersion: 5.2.0.1
InternalName: HWID/KMS38™ Tool
LegalCopyright: Dumpster™ Inc.
OriginalFilename: HWID/KMS38™ Tool
ProductName: HWID/KMS38™ Beneration Tool
ProductVersion: 5.2.0.1
Translation: 0x0409 0x04b0

HackTool:Win32/KeyGen.VI!MTB also known as:

Bkav: W32.AIDetect.malware2
Lionic: Hacktool.Win32.WinActivator.3!c
DrWeb: Trojan.MulDrop9.15412
MicroWorld-eScan: Trojan.GenericKD.37847332
FireEye: Generic.mg.0baa342f24a6d243
CAT-QuickHeal: Trojan.Agent
McAfee: Artemis!0BAA342F24A6
Cylance: Unsafe
Sangfor: Hacktool.Win32.WinActivator.e
K7AntiVirus: Riskware ( 0040eff71 )
Alibaba: HackTool:Win32/WinActivator.5e914870
K7GW: Riskware ( 0040eff71 )
Cybereason: malicious.734776
VirIT: Trojan.Win32.Dnldr26.CSQV
Symantec: ML.Attribute.HighConfidence
Elastic: malicious (moderate confidence)
ESET-NOD32: Win32/HackTool.WinActivator.Y potentially unsafe
TrendMicro-HouseCall: TROJ_GEN.R002C0PJP21
Kaspersky: HackTool.Win32.WinActivator.e
BitDefender: Trojan.GenericKD.37847332
Avast: FileRepMetagen [Trj]
Ad-Aware: Trojan.GenericKD.37847332
Emsisoft: Trojan.GenericKD.37847332 (B)
TrendMicro: TROJ_GEN.R002C0PJP21
McAfee-GW-Edition: BehavesLike.Win32.Dropper.tc
Sophos: Generic ML PUA (PUA)
GData: Trojan.GenericKD.37847332
Webroot: W32.Malware.Gen
ViRobot: Trojan.Win32.Agent.891904.E
Microsoft: HackTool:Win32/KeyGen.VI!MTB
AhnLab-V3: Malware/Win32.Generic.C2627105
VBA32: BScope.Trojan.Occamy
ALYac: Trojan.GenericKD.37847332
MAX: malware (ai score=89)
Malwarebytes: Malware.AI.3935063931
APEX: Malicious
Rising: PUA.Presenoker!8.F608 (CLOUD)
Fortinet: W32/Generic_PUA_KK.RH!tr
AVG: FileRepMetagen [Trj]
CrowdStrike: win/grayware_confidence_70% (W)

How to remove HackTool:Win32/KeyGen.VI!MTB?

HackTool:Win32/KeyGen.VI!MTB removal tool
  • Download and install GridinSoft Anti-Malware.
  • Open GridinSoft Anti-Malware and perform a “Standard scan”.
  • “Move to quarantine” all items.
  • Open “Tools” tab – Press “Reset Browser Settings”.
  • Select proper browser and options – Click “Reset”.
  • Restart your computer.

About the author

Paul Valéry

I'm a cyber security analyst and data science expert with 5+ years of experience with security software contractors.
